Sigurnosni nedostaci programskog paketa mujs

Preporuke

by ncert - 15. veljače 2018.15. veljače 2018.0

——————————————————————————–

Fedora Update Notification

FEDORA-2018-d4746c772f

2018-02-14 17:08:28.617718

——————————————————————————–

Name : mujs

Product : Fedora 26

Version : 0

Release : 11.20180129git25821e6.fc26

URL : http://mujs.com/

Summary : An embeddable Javascript interpreter

Description :

MuJS is a lightweight Javascript interpreter designed for embedding in

other software to extend them with scripting capabilities.

——————————————————————————–

Update Information:

Security fix for CVE-2018-5759.

——————————————————————————–

References:

[ 1 ] Bug #1539514 – CVE-2018-5759 mujs: Improper management of AST depth in jsparse.c can allow a remote attacker to cause a denial of service via a crafted file

https://bugzilla.redhat.com/show_bug.cgi?id=1539514

[ 2 ] Bug #1539847 – CVE-2018-6191 mujs: Interger overflow in js_strtod function in jsdtoa.c

https://bugzilla.redhat.com/show_bug.cgi?id=1539847

——————————————————————————–

This update can be installed with the “dnf” update program. Use

su -c ‘dnf upgrade mujs’ at the command line.

For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/keys

——————————————————————————–

_______________________________________________

package-announce mailing list — package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2018-5b2e981f14
2018-02-14 17:26:16.387108
——————————————————————————–

Name : mujs
Product : Fedora 27
Version : 0
Release : 11.20180129git25821e6.fc27
URL : http://mujs.com/
Summary : An embeddable Javascript interpreter
Description :
MuJS is a lightweight Javascript interpreter designed for embedding in
other software to extend them with scripting capabilities.

——————————————————————————–
Update Information:

Security fix for CVE-2018-5759.
——————————————————————————–
References:

[ 1 ] Bug #1539514 – CVE-2018-5759 mujs: Improper management of AST depth in jsparse.c can allow a remote attacker to cause a denial of service via a crafted file
https://bugzilla.redhat.com/show_bug.cgi?id=1539514
[ 2 ] Bug #1539847 – CVE-2018-6191 mujs: Interger overflow in js_strtod function in jsdtoa.c
https://bugzilla.redhat.com/show_bug.cgi?id=1539847
——————————————————————————–

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade mujs’ at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list — package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Sigurnosni nedostaci programskog paketa mujs

Archives

More in Preporuke

Sigurnosni nedostaci programske biblioteke libxml2